US8032751B2ExpiredUtilityA1

E-mail certification service

Assignee: FIRST INFORMATION SYSTEMS LLCPriority: Dec 30, 2003Filed: Dec 7, 2009Granted: Oct 4, 2011
Est. expiryDec 30, 2023(expired)· nominal 20-yr term from priority
H04L 51/00H04L 63/123G06Q 10/107
70
PatentIndex Score
5
Cited by
31
References
25
Claims

Abstract

A method is provided to handle an electronic mail message such that the receiver of the e-mail message can verify the integrity of the message. A request is provided from a sender's side to a service. The request includes information regarding the e-mail message. The service processes at least a portion of the request to generate a result. For example, the service may encrypt the portion of the request, according to a public/private key encryption scheme, to generate a digital signature as the result. The service provides the result to the sender's side. At the sender's side, the result is incorporated into the e-mail message and the result-incorporated message is transmitted via an e-mail system. At the receiver's side, the result-incorporated e-mail message is processed to assess the integrity of the received e-mail message.

Claims

exact text as granted — not AI-modified
1. A computer-implemented method of operating a service to generate a result for an electronic mail (“e-mail”) message, comprising:
 by the service, receiving a request from a sender via a network, the request comprising meta-data information regarding the e-mail message, wherein the meta-data information includes at least an e-mail address of the sender and an e-mail address of a recipient of the e-mail message, 
 by the service, processing at least a portion of the request to determine the result using a service private key, the service private key kept secret by the service; and 
 by the service, providing the result back to the sender via the network, for incorporation of the result into the e-mail message prior to the e-mail message being transmitted to the recipient of the e-mail message, as a result-incorporated e-mail message, via an e-mail system, whereby the recipient may process the result-incorporated e-mail message using a service public key to assess the integrity of the e-mail message. 
 
     
     
       2. The method of  claim 1 , wherein:
 the request received from the sender by the service further includes a digest of a body of the e-mail message. 
 
     
     
       3. The method of  claim 2 , wherein:
 the digest of the body of the e-mail message has been generated using an SHA algorithm. 
 
     
     
       4. The method of  claim 1 , wherein:
 the request received from the sender by the service does not include the body of the e-mail message or information from which the body of the e-mail message can be derived. 
 
     
     
       5. The method of  claim 1 , wherein:
 the service determines the result to further include an indication of a level of certification of the e-mail message. 
 
     
     
       6. The method of  claim 1 , wherein:
 the request received from the sender by the service further comprises sender verification information; and 
 the method further comprises, by the service, processing the sender verification information. 
 
     
     
       7. The method of  claim 1 , wherein:
 a sender is associated with e-mail message; and 
 the method further comprises, by the service, determining how the sender may be later located. 
 
     
     
       8. The method of  claim 7 , wherein:
 determining how the sender may be later located includes associating a degree of certainty with the determination. 
 
     
     
       9. The method of  claim 8 , wherein:
 the result includes an indication of the degree of certainty. 
 
     
     
       10. The method of  claim 9 , wherein:
 a sender of the e-mail message is associated with a particular e-mail address of a plurality of e-mail addresses; and 
 the method further comprises:
 at the service, before providing the result back to the sender for incorporation of the result by the sender into the e-mail message, sending an inquiry e-mail message from the service to the particular e-mail address; and 
 at the service, observing behavior of the sender associated with the inquiry e-mail message. 
 
 
     
     
       11. The method of  claim 10 , wherein:
 the behavior of the sender associated with the inquiry e-mail message and observed by the service includes the sender sending an e-mail message to the service, and received by the service, in reply to the inquiry e-mail message. 
 
     
     
       12. The method of  claim 10 , wherein:
 the behavior of the sender associated with the inquiry e-mail message and observed by the service includes the sender following instructions set forth in the inquiry e-mail message. 
 
     
     
       13. The method of  claim 12 , wherein:
 the instructions provided by the service include instruction for the sender to link to a particular universal resource locator. 
 
     
     
       14. The method of  claim 1 , further comprising:
 by the service, before providing the result for incorporation into the e-mail message, receiving a request for the sender to subscribe to the service; 
 by the service, sending an inquiry message to a sender associated with the sender's side, by a transmission channel other than the electronic mail system; and 
 by the service, observing behavior associated with the inquiry message. 
 
     
     
       15. A method for a recipient of an electronic mail (“e-mail”) message to validate a sender of the e-mail message, comprising:
 receiving the e-mail message sent from a sender of the e-mail message via an e-mail system; 
 processing a header field of the received e-mail message using a public key of a service to generate a first result, wherein the public key of the service is matched to a private key of the service, the service private key kept secret by the service; 
 processing a portion of the received e-mail message to generate a second result, the portion of the e-mail message including at least metadata information regarding the received e-mail message but not including the header field of message processed to generate the first result, wherein the meta-data information includes at least an e-mail address of the sender and an e-mail address of a recipient of the e-mail message; and 
 comparing the first result to the second result to assess the integrity of the received e-mail message. 
 
     
     
       16. The method of  claim 15 , wherein:
 the portion of the e-mail message processed by the recipient to generate the second result includes a body of the received e-mail message. 
 
     
     
       17. The method of  claim 15 , wherein:
 the second result, generated by the recipient, is a digest of a body of the received e-mail message. 
 
     
     
       18. The method of  claim 15 , wherein:
 the step of processing the received result-incorporated e-mail message by the recipient to assess the integrity of the e-mail message includes: 
 deriving the portion of the request from which the result was determined; 
 processing the portion of the request and the received e-mail message to assess the integrity of the e-mail message. 
 
     
     
       19. The method of  claim 18 , wherein:
 deriving the portion of the request from which the result was determined includes processing the result using the service public key to generate a decrypted result; 
 processing the portion of the request and the received e-mail message to assess the integrity of the e-mail message includes 
 by the recipient, generating a digest of the message body and processing the generated digest and the decrypted result to assess the integrity of the e-mail message. 
 
     
     
       20. The method of  claim 15 , wherein:
 the step of processing the received result-incorporated e-mail message by the recipient to assess the integrity of the e-mail message includes processing the result to determine a level of certification of the e-mail message. 
 
     
     
       21. The method of  claim 15 , wherein:
 processing the received result-incorporated e-mail message by the recipient to assess the integrity of the e-mail message is without interacting with a service that created the result, prior to the result having been incorporated into the e-mail message. 
 
     
     
       22. The method of  claim 15 , further comprising:
 sending a request to obtain contact information about the sender from the service that created the result, prior to the result having been incorporated into the e-mail message; and 
 receiving the requested contact information about the sender. 
 
     
     
       23. The method of  claim 22 , wherein:
 the requested contact information about the sender is in a format appropriate to an e-mail client program used by the recipient. 
 
     
     
       24. The method of  claim 22 , wherein:
 the requested contact information includes at least one link to sender advertising. 
 
     
     
       25. A computing system configured to be usable by a recipient of an electronic mail (“e-mail”) message to validate a sender of the e-mail message, the computing system configured to:
 receive the e-mail message sent from the sender of the e-mail message via an e-mail system; 
 process a header field of the received e-mail message using a public key of a service to generate a first result, wherein the public key of the service is matched to a private key of the service, the service private key kept secret by the service; 
 process a portion of the received e-mail message to generate a second result, the portion of the e-mail message including at least metadata information regarding the received e-mail message but not including the header field of message processed to generate the first result, wherein the meta-data information includes at least an e-mail address of the sender and an e-mail address of a recipient of the e-mail message; and 
 compare the first result to the second result to assess the integrity of the received e-mail message.

Join the waitlist — get patent alerts

Track US8032751B2 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.